Beispiel #1
        /// <summary>
        /// Registers a new account in AXPUSER, creating a COMPERSON master record
        /// first when no person with the given name and department exists.
        /// </summary>
        /// <param name="info">Registration values (account id, name, department, contact data, password).</param>
        /// <returns>
        /// An empty string when the account id was not already taken, otherwise the
        /// "already registered" message.
        /// </returns>
        public string Register(RegisterInfo info)
        {
            LibDataAccess db = new LibDataAccess();

            // Every value below reaches SQL text through LibStringBuilder.GetQuotString.
            // NOTE(review): presumably that helper quotes and escapes the value — confirm,
            // since it is the only barrier between client input and the statement.
            string lookupSql = string.Format("select USERID from AXPUSER where USERID={0}",
                                             LibStringBuilder.GetQuotString(info.inputId));
            string existingUserId = LibSysUtils.ToString(db.ExecuteScalar(lookupSql));
            if (!string.IsNullOrEmpty(existingUserId))
            {
                return "账号已注册";
            }

            string personSql = string.Format("select PERSONID from COMPERSON where PERSONNAME={0} and DEPTID={1}",
                                             LibStringBuilder.GetQuotString(info.inputName),
                                             LibStringBuilder.GetQuotString(info.inputDept));
            string personId = LibSysUtils.ToString(db.ExecuteScalar(personSql));

            // When two people in one department share a name, the customer is advised to
            // create the person master data by hand (original author's remark).
            if (string.IsNullOrEmpty(personId))
            {
                LibBcfData personBcf = (LibBcfData)LibBcfSystem.Default.GetBcfInstance("com.Person");
                DataSet    draft     = personBcf.AddNew(null);
                DataRow    row       = draft.Tables[0].Rows[0];

                row.BeginEdit();
                try
                {
                    bool idMissing = string.IsNullOrEmpty(LibSysUtils.ToString(row["PERSONID"]));
                    if (idMissing)
                    {
                        // Only generate an id when AddNew did not already supply one.
                        personId        = LibCommUtils.GetInternalId().ToString();
                        row["PERSONID"] = personId;
                    }
                    row["PERSONNAME"] = info.inputName;
                    row["GENDER"]     = info.gender;
                    row["DEPTID"]     = info.inputDept;
                    row["MAIL"]       = info.inputEmail;
                    row["PHONENO"]    = info.inputPhone;
                }
                finally
                {
                    row.EndEdit();
                }

                DataSet saved = personBcf.InnerSave(BillAction.AddNew, new object[] { personId }, draft);
                // Re-read the id from the saved data; it is the value the account row will reference.
                personId = LibSysUtils.ToString(saved.Tables[0].Rows[0]["PERSONID"]);
            }

            if (!string.IsNullOrEmpty(personId))
            {
                // NOTE(review): info.inputPassword1 is written to USERPASSWORD as supplied;
                // no hashing is visible in this method. The row is created with ISUSE = 0.
                string insertSql = string.Format("insert into AXPUSER(USERID,USERPASSWORD,PERSONID,ISUSE) values({0},{1},{2},0)",
                                                 LibStringBuilder.GetQuotString(info.inputId),
                                                 LibStringBuilder.GetQuotString(info.inputPassword1),
                                                 LibStringBuilder.GetQuotString(personId));
                db.ExecuteNonQuery(insertSql);
            }

            return string.Empty;
        }
Beispiel #2
        /// <summary>
        /// Changes the password of the user that owns the given session handle,
        /// provided the supplied old password matches the stored one.
        /// </summary>
        /// <param name="handle">Session handle identifying the current user.</param>
        /// <param name="oldPwd">Password the caller claims is currently set.</param>
        /// <param name="newPwd">Password to store.</param>
        /// <returns>Success flag, plus a message when the old password does not match.</returns>
        /// <exception cref="Exception">The handle does not resolve to a session.</exception>
        public SetPwdResult SetPassword(string handle, string oldPwd, string newPwd)
        {
            SetPwdResult outcome = new SetPwdResult();
            LibHandle    session = LibHandleCache.Default.GetCurrentHandle(handle) as LibHandle;

            if (session == null)
            {
                throw new Exception("用户句柄无效。");
            }

            // The user id comes from the server-side session, not from the caller.
            // NOTE(review): old and new passwords are compared and stored as given; no
            // hashing is visible here. GetQuotString presumably escapes them — confirm.
            string checkSql = string.Format("select USERID from AXPUSER where USERID={0} and USERPASSWORD={1}",
                                            LibStringBuilder.GetQuotString(session.UserId),
                                            LibStringBuilder.GetQuotString(oldPwd));
            LibDataAccess db          = new LibDataAccess();
            string        matchedUser = LibSysUtils.ToString(db.ExecuteScalar(checkSql));

            if (string.IsNullOrEmpty(matchedUser))
            {
                outcome.Msg     = "输入的旧密码与系统不匹配。";
                outcome.Success = false;
                return outcome;
            }

            // The WHERE clause repeats the old-password condition, so the update only
            // touches the row that passed the check above.
            string updateSql = string.Format("update AXPUSER set USERPASSWORD={2} where USERID={0} and USERPASSWORD={1}",
                                             LibStringBuilder.GetQuotString(session.UserId),
                                             LibStringBuilder.GetQuotString(oldPwd),
                                             LibStringBuilder.GetQuotString(newPwd));
            db.ExecuteNonQuery(updateSql);
            outcome.Success = true;
            return outcome;
        }
Beispiel #3
        /// <summary>
        /// Checks whether the supplied verification code equals the one stored for the account.
        /// </summary>
        /// <param name="userId">Account whose stored code is looked up in AXPVERIFYCODE.</param>
        /// <param name="code">Code entered by the caller; null never matches.</param>
        /// <returns>
        /// A result whose ReturnValue is true only on an exact match; Message explains a
        /// missing code, a mismatch, or an exception.
        /// </returns>
        private static Result VerifyCode(string userId, string code)
        {
            Result outcome = new Result();

            try
            {
                string        lookupSql = string.Format("SELECT VERIFYCODE FROM AXPVERIFYCODE WHERE USERID={0}", LibStringBuilder.GetQuotString(userId));
                LibDataAccess db        = new LibDataAccess();
                string        stored    = LibSysUtils.ToString(db.ExecuteScalar(lookupSql));

                if (stored == string.Empty)
                {
                    outcome.ReturnValue = false;
                    outcome.Message     = "该帐号没有对应的验证码";
                    return outcome;
                }

                // NOTE(review): only equality is checked. Nothing in this method looks at
                // the code's age, invalidates it after use, or counts failed attempts —
                // confirm those controls exist in the callers.
                bool matches = code != null && code.Equals(stored);
                outcome.ReturnValue = matches;
                if (!matches)
                {
                    outcome.Message = "验证码错误";
                }
                return outcome;
            }
            catch (Exception ex)
            {
                // NOTE(review): the raw exception text is returned in Message; check whether
                // it can reach the client, since database errors may describe the schema.
                outcome.ReturnValue = false;
                outcome.Message     = "注册失败!" + ex.Message;
                return outcome;
            }
        }
Beispiel #4
        /// <summary>
        /// Seeds baseline data: a licence-spec row when AXPPURCHASESPEC is empty, the
        /// default "admin" account when it is missing, and internal ids for accounts
        /// that lack one once the axp.User model has an INTERNALID column.
        /// </summary>
        private void InitData()
        {
            LibDataAccess db = new LibDataAccess();

            // Licence specification: insert the default row only into an empty table.
            decimal specRows = LibSysUtils.ToDecimal((db.ExecuteScalar("select count(*) from AXPPURCHASESPEC")));
            if (specRows == 0)
            {
                db.ExecuteNonQuery("insert into AXPPURCHASESPEC(PURCHASERID,PURCHASERNAME,MAXUSERCOUNT,MAXWORKSTATIONCOUNT) values('ax','ax',1000,-1)");
            }

            LibSqlModel userModel     = LibSqlModelCache.Default.GetSqlModel("axp.User");
            bool        hasInternalId = userModel != null &&
                                        userModel.Tables.Count > 0 &&
                                        userModel.Tables[0].Columns.Contains("INTERNALID");

            string adminId = LibSysUtils.ToString(db.ExecuteScalar("select USERID from AXPUSER where USERID='admin'"));
            if (string.IsNullOrEmpty(adminId))
            {
                // NOTE(review): the default account is created enabled (ISUSE = 1) with the
                // fixed password 'admin'. Nothing here forces a change on first login, so
                // deployments should rotate it immediately.
                string seedAdminSql;
                if (hasInternalId)
                {
                    // Once AXPUSER is master data (no longer grid data) it carries an
                    // internal-id column that must be filled.
                    seedAdminSql = "insert into AXPUSER(USERID,USERPASSWORD,ISUSE,INTERNALID,CREATORID,CURRENTSTATE) values('admin','admin',1,'" + Guid.NewGuid().ToString() + "','(NotSet)',2)";
                }
                else
                {
                    seedAdminSql = "insert into AXPUSER(USERID,USERPASSWORD,ISUSE) values('admin','admin',1)";
                }
                db.ExecuteNonQuery(seedAdminSql);
            }

            if (!hasInternalId)
            {
                return;
            }

            // Upgrade path: accounts whose internal id is still empty get a database-generated GUID.
            if (db.DatabaseType == LibDatabaseType.SqlServer)
            {
                db.ExecuteNonQuery("update AXPUSER set INTERNALID = NEWID(),CURRENTSTATE = 2 where INTERNALID=''");
            }
            else if (db.DatabaseType == LibDatabaseType.Oracle)
            {
                db.ExecuteNonQuery("update AXPUSER set INTERNALID = sys_guid(),CURRENTSTATE = 2 where INTERNALID=''");
            }
        }
Beispiel #5
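        /// <summary>
        /// Looks up the supplier id recorded for a person in COMPERSON.
        /// </summary>
        /// <param name="supplyUserId">Person id to look up; null is treated as an empty id.</param>
        /// <returns>The SUPPLIERID value converted by LibSysUtils.ToString.</returns>
        public string getSupplIer(string supplyUserId)
        {
            // The id was previously placed between the quotes unmodified, so a value
            // containing a single quote could end the literal and alter the statement.
            // Doubling embedded quotes keeps the value inside the literal on the
            // SQL Server / Oracle dialects.
            // NOTE(review): bound parameters are the better fix if LibDataAccess offers them.
            string escapedId = (supplyUserId ?? string.Empty).Replace("'", "''");

            LibDataAccess dataAccess = new LibDataAccess();
            string        sql        = string.Format("SELECT SUPPLIERID FROM COMPERSON WHERE PERSONID = '{0}'", escapedId);

            return LibSysUtils.ToString(dataAccess.ExecuteScalar(sql));
        }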
Beispiel #6
        /// <summary>
        /// Returns the number of pending approval tasks and untraced abnormality reports
        /// for a person, wrapped in a CountModel.
        /// </summary>
        /// <param name="userId">Not used by the current body.</param>
        /// <param name="handle">Not used by the current body.</param>
        /// <returns>Result carrying the CountModel, or a failure message on exception.</returns>
        public static Result GetCount(string userId, string handle)
        {
            Result res = new Result();
            res.ReturnValue = true;

            // NOTE(review): the session-handle lookup and the VerificationHandle call are
            // commented out in the original, and the person id is a fixed literal. As
            // written the method answers any caller with this one person's counts and
            // ignores both parameters — restore the handle check before exposing it.
            string personId = "018427";

            if (!res.ReturnValue)
            {
                return res;
            }

            LibDataAccess access = new LibDataAccess();
            try
            {
                CountModel counts = new CountModel();

                // Approval tasks waiting at the next flow level for this person.
                string approvalSql = string.Format("SELECT COUNT(*) AS TOTALNUM FROM AXPAPPROVETASK WHERE PERSONID = {0} AND AUDITSTATE = 0 and FLOWLEVEL=CURRENTLEVEL+1", LibStringBuilder.GetQuotString(personId));
                counts.ApprovelCount = LibSysUtils.ToInt32(access.ExecuteScalar(approvalSql));

                // Abnormality reports routed to this person that have no trace record yet.
                string abnormalSql = string.Format("SELECT COUNT(*) FROM COMABNORMALREPORT A INNER JOIN COMABNORMALREPORTTYPEFLOW B ON B.TYPEID = A.TYPEID  WHERE A.TRANSMITLEVEL = B.TRANSMITLEVEL AND B.PERSONID = {0} AND A.BILLNO NOT IN (select FROMBILLNO from COMABNORMALTRACE)", LibStringBuilder.GetQuotString(personId));
                counts.AbnormalCount = LibSysUtils.ToInt32(access.ExecuteScalar(abnormalSql));

                res.Info        = counts;
                res.ReturnValue = true;
            }
            catch (Exception ex)
            {
                res.ReturnValue = false;
                res.Message     = "失败!" + ex.Message;
            }
            return res;
        }
Beispiel #7
        /// <summary>
        /// Gets the SSO token for a user. On the SSO management site the token comes from
        /// the handle itself; on any other site it is requested from the management site.
        /// </summary>
        /// <param name="userHandle">Session handle of the user; null or an empty user id yields an empty token.</param>
        /// <param name="timeOutMs">Timeout for the HTTP call to the management site, in milliseconds.</param>
        /// <param name="dataAccess">
        /// Optional data accessor. Callers inside a database transaction should pass the
        /// accessor that owns the transaction, so the query here does not deadlock on
        /// tables the transaction has locked.
        /// </param>
        /// <returns>The token, or an empty string when it cannot be obtained.</returns>
        public static string GetToken(LibHandle userHandle, int timeOutMs = 30 * 1000, LibDataAccess dataAccess = null)
        {
            if (userHandle == null || string.IsNullOrEmpty(userHandle.UserId))
            {
                return string.Empty;
            }
            if (EnvProvider.Default.IsSSOManageSite)
            {
                return userHandle.GetToCheckToken();
            }
            if (string.IsNullOrEmpty(EnvProvider.Default.SSOManageSiteUrl))
            {
                return string.Empty;
            }

            try
            {
                string endpoint = EnvProvider.Default.SSOManageSiteUrl + "/sysSvc/getTokenByUserId";
                string pwdSql   = string.Format("select USERPASSWORD from AXPUSER where USERID={0} And ISUSE=1", LibStringBuilder.GetQuotString(userHandle.UserId));

                // Use the caller's accessor when one was supplied (see the parameter remarks).
                LibDataAccess db             = dataAccess ?? new LibDataAccess();
                string        storedPassword = LibSysUtils.ToString(db.ExecuteScalar(pwdSql));

                // NOTE(review): the stored USERPASSWORD value is sent to the management site
                // as the credential. Confirm SSOManageSiteUrl is always HTTPS and that the
                // request body is never logged; a dedicated site-to-site secret would avoid
                // moving user passwords between sites.
                var payload = new
                {
                    userId = userHandle.UserId,
                    pwd    = storedPassword
                };

                string  errorInfo = string.Empty;
                dynamic reply     = LibNetUtils.HttpPostCall <dynamic>(endpoint, payload, out errorInfo, timeOutMs);

                if (string.IsNullOrEmpty(errorInfo) == false)
                {
                    return string.Empty;
                }
                if (reply == null)
                {
                    return string.Empty;
                }
                return (string)reply.GetTokenByUserIdResult;
            }
            catch (Exception exp)
            {
                // Failures are recorded under "CrossSiteCall" and reported as "no token".
                LibCommUtils.AddOutput("CrossSiteCall", string.Format("error:{0}\r\nStacktrace:{1}", exp.Message, exp.StackTrace));
                return string.Empty;
            }
        }
Beispiel #8
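        /// <summary>
        /// Generates a four-digit verification code for an account, stores it in
        /// AXPVERIFYCODE (insert or update) and sends it to the given phone number by SMS.
        /// </summary>
        /// <param name="userId">Account the code belongs to.</param>
        /// <param name="phoneNo">Phone number that receives the SMS.</param>
        /// <returns>Result with ReturnValue true on success, or false plus the exception text.</returns>
        public static Result GenerateCode(string userId, string phoneNo)
        {
            Result res = new Result();

            try
            {
                // Draw the code from the OS cryptographic generator: System.Random is
                // seeded predictably and must not produce authentication secrets.
                // Samples at or above the largest multiple of 10000 are rejected so
                // every code is equally likely.
                const uint codeSpace   = 10000;
                const uint acceptLimit = uint.MaxValue - (uint.MaxValue % codeSpace);
                byte[]     raw         = new byte[sizeof(uint)];
                uint       sample;
                using (System.Security.Cryptography.RandomNumberGenerator rng = System.Security.Cryptography.RandomNumberGenerator.Create())
                {
                    do
                    {
                        rng.GetBytes(raw);
                        sample = BitConverter.ToUInt32(raw, 0);
                    }
                    while (sample >= acceptLimit);
                }
                string code = (sample % codeSpace).ToString().PadLeft(4, '0');
                // NOTE(review): four digits give only 10000 possibilities; the check that
                // consumes this code needs attempt limiting and an expiry on TIME.

                // Is there already a code row for this account?
                LibDataAccess access = new LibDataAccess();
                string        sql    = string.Format("SELECT count(*) FROM AXPVERIFYCODE WHERE USERID = {0}", LibStringBuilder.GetQuotString(userId));
                int           count  = LibSysUtils.ToInt32(access.ExecuteScalar(sql));

                // Insert the first code, otherwise overwrite. The update branch also covers
                // duplicate rows; previously a count above 1 re-ran the SELECT and left the
                // old code in place while a new one was sent by SMS.
                if (count == 0)
                {
                    sql = string.Format("INSERT INTO AXPVERIFYCODE(USERID, VERIFYCODE, TIME) VALUES({0}, {1}, {2})", LibStringBuilder.GetQuotString(userId), LibStringBuilder.GetQuotString(code), LibDateUtils.GetCurrentDateTime());
                }
                else
                {
                    sql = string.Format("UPDATE AXPVERIFYCODE SET VERIFYCODE={0}, TIME={1} WHERE USERID={2}", LibStringBuilder.GetQuotString(code), LibDateUtils.GetCurrentDateTime(), LibStringBuilder.GetQuotString(userId));
                }
                access.ExecuteNonQuery(sql);

                // Send the SMS.
                SendSMSParam sendSMSParam = new SendSMSParam();
                sendSMSParam.Message = "验证码为:" + code;
                sendSMSParam.PhoneList.Add(phoneNo);
                LibSMSHelper.SendMsg(sendSMSParam);

                res.ReturnValue = true;
                res.Message     = "成功!";
            }
            catch (Exception ex)
            {
                res.ReturnValue = false;
                res.Message     = "失败!" + ex.Message;
            }
            return res;
        }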
Beispiel #9
        /// <summary>
        /// Returns the RETAINDIGITS value of a unit, served from this cache when present
        /// and otherwise read from COMUNIT and cached for 180 minutes.
        /// </summary>
        /// <param name="unitId">Unit id; also used as the cache key.</param>
        /// <returns>The cached or freshly read value, or null when the query returns null.</returns>
        public object GetFormatData(string unitId)
        {
            object cached = this.Get <object>(unitId);
            if (cached != null)
            {
                return cached;
            }

            // Cache miss: read from the database and remember the answer.
            string        lookupSql = string.Format("Select RETAINDIGITS From COMUNIT Where UNITID={0}", LibStringBuilder.GetQuotString(unitId));
            LibDataAccess db        = new LibDataAccess();
            object        fetched   = db.ExecuteScalar(lookupSql);

            if (fetched != null)
            {
                this.Set(unitId, fetched, TimeSpan.FromMinutes(180));
            }
            return fetched;
        }
Beispiel #10
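        /// <summary>
        /// Returns the unread news items of a user after checking the supplied credentials.
        /// </summary>
        /// <param name="userId">Account id.</param>
        /// <param name="password">Password to check against AXPUSER.USERPASSWORD.</param>
        /// <returns>The unread news rows, or an empty DataSet when the credentials do not match.</returns>
        public DataSet GetMyNews(string userId, string password)
        {
            SystemService server = new SystemService(); // unused below; kept in case construction has side effects
            LibDataAccess access = new LibDataAccess();

            // The credential check as listed put userId between quotes unescaped and
            // compared USERPASSWORD with the literal '******', so the supplied password
            // was never used. Both values now go through GetQuotString, matching the
            // second query in this method.
            // NOTE(review): the comparison is still against the stored value as-is; no
            // hashing is visible here.
            string sql   = string.Format("SELECT count(*) FROM AXPUSER  WHERE USERID ={0} AND USERPASSWORD ={1}",
                                         LibStringBuilder.GetQuotString(userId), LibStringBuilder.GetQuotString(password));
            int    count = LibSysUtils.ToInt32(access.ExecuteScalar(sql));

            if (count <= 0)
            {
                return new DataSet();
            }

            sql = string.Format("SELECT  NEWSID ,USERID ,TITLE ,MAINCONTENT ,INFOID ,A.CREATETIME ,PERSONID ,ISREAD ,EXECTASKDATAID ,B.CREATETIME ,PROGID ,RESULTDATA FROM AXPUSERNEWS A LEFT JOIN AXAEXECTASKDATA B ON A.INFOID = B.EXECTASKDATAID WHERE A.USERID = {0} AND A.ISREAD = 0", LibStringBuilder.GetQuotString(userId));
            return access.ExecuteDataSet(sql);
        }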
Beispiel #11
 /// <summary>
 /// Checks whether an enabled account (ISUSE = 1) with the given id exists.
 /// </summary>
 /// <param name="userId">Account id; null or empty returns false without querying.</param>
 /// <returns>True when at least one matching row exists; false otherwise or on error.</returns>
 public static bool CheckUserExist(string userId)
 {
     if (string.IsNullOrEmpty(userId))
     {
         return false;
     }

     try
     {
         LibDataAccess db       = new LibDataAccess();
         string        countSql = string.Format("select count(*) from AXPUSER where USERID={0} AND ISUSE=1",
                                                LibStringBuilder.GetQuotString(userId));
         int matches = LibSysUtils.ToInt32(db.ExecuteScalar(countSql));
         return matches > 0;
     }
     catch (Exception exp)
     {
         // A database failure is logged under "CrossSiteCall" and reported as "not found".
         LibCommUtils.AddOutput("CrossSiteCall", string.Format("error:{0}\r\nStacktrace:{1}", exp.Message, exp.StackTrace));
         return false;
     }
 }
Beispiel #12
        /// <summary>
        /// Obtains the token needed before a cross-site login.
        /// </summary>
        /// <param name="userHandle">Handle of the current user session.</param>
        /// <returns>The token, or an empty string when the handle is unknown or the lookup fails.</returns>
        public string GetToken(string userHandle)
        {
            LibHandle session = LibHandleCache.Default.GetCurrentHandle(userHandle);
            if (session == null)
            {
                return string.Empty;
            }

            // The SSO management site issues the token directly from the handle.
            if (EnvProvider.Default.IsSSOManageSite)
            {
                return session.GetToCheckToken();
            }

            try
            {
                // NOTE(review): this query has no ISUSE filter, and the stored USERPASSWORD
                // value is posted to the management site as the credential — confirm the
                // URL is HTTPS and that disabled accounts are rejected on the other side.
                string        pwdSql = string.Format("select USERPASSWORD from AXPUSER where USERID = {0}", LibStringBuilder.GetQuotString(session.UserId));
                LibDataAccess db     = new LibDataAccess();
                var           stored = db.ExecuteScalar(pwdSql);
                if (stored == null)
                {
                    return string.Empty;
                }

                string  endpoint  = EnvProvider.Default.SSOManageSiteUrl + "/sysSvc/getTokenByUserId";
                string  errorInfo = "";
                dynamic reply     = LibNetUtils.HttpPostCall <dynamic>(endpoint, new { userId = session.UserId, pwd = stored.ToString() }, out errorInfo);

                if (!string.IsNullOrEmpty(errorInfo))
                {
                    return string.Empty;
                }
                string token = reply.GetTokenByUserIdResult.Value;
                return token;
            }
            catch (Exception)
            {
                // NOTE(review): every failure is swallowed without logging, so a broken
                // SSO link is indistinguishable from "no token" when troubleshooting.
                return string.Empty;
            }
        }
Beispiel #13
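        /// <summary>
        /// Stores a picture (captcha) verification code for an account in AXPVERIFYCODE,
        /// inserting a row when none exists and overwriting otherwise.
        /// </summary>
        /// <param name="userId">Account the code belongs to.</param>
        /// <param name="code">Verification code to store.</param>
        /// <returns>A new Result; this method sets none of its members.</returns>
        public static Result SavePictureCalidateCode(string userId, string code)
        {
            Result        result     = new Result();
            LibDataAccess dataAccess = new LibDataAccess();
            string        sql        = string.Format("SELECT count(*) FROM AXPVERIFYCODE WHERE USERID = {0}", LibStringBuilder.GetQuotString(userId));
            int           count      = LibSysUtils.ToInt32(dataAccess.ExecuteScalar(sql));

            // Insert the first code, otherwise overwrite. The update branch also covers
            // duplicate rows; previously a count above 1 re-ran the SELECT and silently
            // kept the old code.
            if (count == 0)
            {
                sql = string.Format("INSERT INTO AXPVERIFYCODE(USERID, VERIFYCODE, TIME) VALUES({0}, {1}, {2})", LibStringBuilder.GetQuotString(userId), LibStringBuilder.GetQuotString(code), LibDateUtils.GetCurrentDateTime());
            }
            else
            {
                sql = string.Format("UPDATE AXPVERIFYCODE SET VERIFYCODE={0}, TIME={1} WHERE USERID={2}", LibStringBuilder.GetQuotString(code), LibDateUtils.GetCurrentDateTime(), LibStringBuilder.GetQuotString(userId));
            }
            dataAccess.ExecuteNonQuery(sql);

            // NOTE(review): ReturnValue and Message are left at their defaults, so callers
            // cannot tell success from failure through the result — confirm that is intended.
            return result;
        }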
Beispiel #14
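        /// <summary>
        /// Looks up the push UUID registered for an account. The actual push call is
        /// commented out, so the method currently only performs the lookup.
        /// </summary>
        /// <param name="userId">Account whose UUID is read from AXPUSER; null is treated as empty.</param>
        /// <param name="pushType">Kind of push message; unused while the push call is disabled.</param>
        public static void PushMessage(string userId, PushType pushType)
        {
            LibDataAccess dataAccess = new LibDataAccess();

            // The format string had a {0} placeholder but no argument, so string.Format
            // threw FormatException on every call. The user id is now supplied as a quoted
            // literal with embedded single quotes doubled, so it cannot end the literal.
            // NOTE(review): other queries on this page use LibStringBuilder.GetQuotString
            // for this; switch to it if it is available to this class.
            string quotedUserId = "'" + (userId ?? string.Empty).Replace("'", "''") + "'";
            string sql          = string.Format("SELECT UUID FROM AXPUSER WHERE USERID={0}", quotedUserId);
            string uuid         = LibSysUtils.ToString(dataAccess.ExecuteScalar(sql));

            if (!string.IsNullOrEmpty(uuid))
            {
                List <string> uuidList = new List <string>();
                uuidList.Add(uuid);
                //PushMessageListToListByTransmissionTemplate(uuidList, pushType);
            }
        }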
Beispiel #15
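        /// <summary>
        /// Returns one page of abnormality reports routed to the person behind the
        /// caller's session, optionally narrowed by one query field.
        /// </summary>
        /// <param name="userId">Account id.</param>
        /// <param name="handle">Session handle presented by the caller.</param>
        /// <param name="info">Paging parameters plus the optional filter (queryField, SelectCondition).</param>
        /// <returns>
        /// Result with the data set in Info and paging totals in pageModel, or
        /// ReturnValue false with a message when verification or the query fails.
        /// </returns>
        public static Result GetAbnormalReport(string userId, string handle, PageModel info)
        {
            Result res = new Result();

            res.ReturnValue = true;
            LibHandle Handle = LibHandleCache.Default.IsExistsHandle(LibHandeleType.PC, userId);

            // VerificationHandle receives res; the query below runs only while ReturnValue is still true.
            Service.VerificationHandle(userId, handle, Handle, res);
            if (res.ReturnValue)
            {
                LibDataAccess access = new LibDataAccess();
                try
                {
                    string sql = string.Empty;
                    if (!string.IsNullOrEmpty(Handle.PersonId))
                    {
                        // NOTE(review): queryField[0].Name and its Value entries are appended
                        // to the SQL text unquoted and unescaped. If PageModel is filled from
                        // the client this is SQL injection: check Name against the known
                        // column names and bind or escape the values. Not changed here
                        // because the expected value format is not visible in this method.
                        StringBuilder builder = new StringBuilder();
                        if (info.queryField != null)
                        {
                            switch (info.queryField[0].QueryChar)
                            {
                            case LibQueryChar.Equal:
                                builder.AppendFormat("AND {0}{1}{2}", info.queryField[0].Name, "=", info.queryField[0].Value[0]);
                                break;

                            case LibQueryChar.Region:
                                builder.AppendFormat("AND {0}{1}{2} AND {3}{4}{5}", info.queryField[0].Name, ">=", info.queryField[0].Value[0], info.queryField[0].Name, "<=", info.queryField[0].Value[1]);
                                break;

                            case LibQueryChar.GreaterOrEqual:
                                builder.AppendFormat("AND {0}{1}{2}", info.queryField[0].Name, ">=", info.queryField[0].Value[0]);
                                break;

                            case LibQueryChar.LessOrEqual:
                                builder.AppendFormat("AND {0}{1}{2}", info.queryField[0].Name, "<=", info.queryField[0].Value[0]);
                                break;

                            case LibQueryChar.GreaterThan:
                                builder.AppendFormat("AND {0}{1}{2}", info.queryField[0].Name, ">", info.queryField[0].Value[0]);
                                break;

                            case LibQueryChar.LessThan:
                                builder.AppendFormat("AND {0}{1}{2}", info.queryField[0].Name, "<", info.queryField[0].Value[0]);
                                break;

                            case LibQueryChar.UnequalTo:
                                builder.AppendFormat("AND {0}{1}{2}", info.queryField[0].Name, "<>", info.queryField[0].Value[0]);
                                break;
                            }
                        }
                        //StringBuilder buildString = new StringBuilder();
                        Dictionary <string, object> dic = new Dictionary <string, object>();
                        int beginNum = 0, endNum = 0;
                        // NOTE(review): Handle.PersonId is placed between quotes here without
                        // escaping, and unquoted in the Oracle query below. It comes from the
                        // server-side handle, but the two statements should treat it the same way.
                        sql = string.Format("SELECT COUNT(*) FROM COMABNORMALREPORT A LEFT JOIN COMABNORMALREPORTTYPEFLOW B ON B.TYPEID = A.TYPEID  WHERE A.TRANSMITLEVEL = B.TRANSMITLEVEL AND B.PERSONID = '{0}' AND (SELECT COUNT(BILLNO) FROM COMABNORMALTRACE C WHERE C.FROMBILLNO=A.BILLNO )={1} {2}", Handle.PersonId, LibSysUtils.ToInt32(info.SelectCondition), builder);
                        int totalCount = LibSysUtils.ToInt32(access.ExecuteScalar(sql));

                        // Round up to whole pages. The previous test compared the quotient
                        // (not the remainder) with zero, which reported one page too many
                        // whenever totalCount was an exact multiple of PageSize.
                        // A PageSize of 0 still throws and is reported by the catch below.
                        int pageCount = totalCount / info.PageSize;
                        if (totalCount % info.PageSize != 0)
                        {
                            pageCount++;
                        }
                        endNum   = info.PageNo * info.PageSize;
                        beginNum = (info.PageNo - 1) * info.PageSize + 1;
                        DatabaseProviderFactory factory = new DatabaseProviderFactory(ConfigurationSourceFactory.Create());
                        Database dataBase = factory.Create("DefaultConnection");
                        if (dataBase.GetType().Name == "OracleDatabase")
                        {
                            sql = string.Format(@" SELECT DISTINCT  A.BILLNO,
                                                              A.BILLDATE,
                                                              D.ABNORMALTYPENAME,
                                                              A.FROMPERSONID,
                                                              C.PERSONNAME AS FROMPERSONNAME,
                                                              C.PHONENO AS FROMPHONENO,
                                                              A.ABNORMALDESC
                                                              FROM 
                                                              (
                                                              SELECT E.*,ROWNUM RN 
                                                              FROM (SELECT * FROM COMABNORMALREPORT F LEFT JOIN COMABNORMALREPORTTYPEFLOW B ON B.TYPEID = F.TYPEID  WHERE B.PERSONID={2} AND F.TRANSMITLEVEL = B.TRANSMITLEVEL AND (SELECT COUNT(BILLNO) FROM COMABNORMALTRACE A WHERE A.FROMBILLNO=F.BILLNO )={3}) E 
                                                              WHERE ROWNUM <= {1} ) A 
                                                             LEFT JOIN COMPERSON C ON C.PERSONID=A.FROMPERSONID 
                                                             LEFT JOIN COMABNORMALTYPE D ON D.ABNORMALTYPEID=A.ABNORMALTYPEID  
                                                             WHERE  RN>={0} {4}", beginNum, endNum, Handle.PersonId, LibSysUtils.ToInt32(info.SelectCondition), builder);
                        }
                        else
                        {
                            // NOTE(review): no query is defined for non-Oracle databases; an
                            // empty statement is executed below, as in the original.
                            sql = string.Empty;
                        }
                        res.Info = access.ExecuteDataSet(sql);
                        //res.Info = access.ExecuteStoredProcedureReturnDataSet("GETABNORMALREPORT", ref dic, beginNum, endNum, Handle.PersonId, LibSysUtils.ToInt32(info.SelectCondition), builder);
                        res.pageModel.PageNo     = info.PageNo;
                        res.pageModel.PageSize   = info.PageSize;
                        res.pageModel.PageCount  = pageCount;
                        res.pageModel.TotalCount = totalCount;
                        res.ReturnValue          = true;
                    }
                    else
                    {
                        res.ReturnValue = false;
                        res.Message     = "请重新登录!";
                    }
                }
                catch (Exception ex)
                {
                    // NOTE(review): the raw exception text is returned in Message; database
                    // errors may expose statement or schema details to the caller.
                    res.ReturnValue = false;
                    res.Message     = "查询失败!" + ex.Message;
                }
            }
            return res;
        }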
Beispiel #16
        public LoginInfo AppLogin(string userId, string password, string clientId, int clientType, bool quitOther = false)
        {
            LoginInfo loginInfo = new LoginInfo();
            //检查是否具有 AXPUSERAPP数据表,用于判定是否支持移动端App登录
            LibSqlModel sqlModel      = LibSqlModelCache.Default.GetSqlModel("axp.User");
            bool        hasAXPUSERAPP = false;

            if (sqlModel != null && sqlModel.Tables.Count > 1 && sqlModel.Tables[1].TableName.Equals("AXPUSERAPP"))
            {
                hasAXPUSERAPP = true;
            }
            if (hasAXPUSERAPP == false)
            {
                return(loginInfo);//如果没有需要的相关字段则直接返回
            }

            SqlBuilder builder = new SqlBuilder("axp.User");
            string     sql     = string.Format(@"SELECT 
                                        A.PERSONID,
                                        A.ROLEID,
                                        A.WALLPAPER,A.WALLPAPERSTRETCH,B.PERSONNAME,B.PHONENO,B.CORNET,B.HEADPORTRAIT,B.MAIL   
                                        FROM AXPUSER A LEFT JOIN COMPERSON B ON B.PERSONID=A.PERSONID   
                                        WHERE A.USERID={0} and A.USERPASSWORD={1} AND A.ISUSE=1", LibStringBuilder.GetQuotString(userId), LibStringBuilder.GetQuotString(password));
            //builder.GetQuerySql(0, "A.PERSONID,A.PERSONNAME,A.PHONENO,A.CORNET,A.HEADPORTRAIT,A.MAIL,A.ROLEID,A.WALLPAPER,A.WALLPAPERSTRETCH", string.Format("A.USERID={0} And A.USERPASSWORD={1} And A.ISUSE=1", LibStringBuilder.GetQuotString(userId), LibStringBuilder.GetQuotString(password)));
            LibDataAccess dataAccess = new LibDataAccess();
            string        roleId     = string.Empty;
            bool          exists     = false;

            using (IDataReader reader = dataAccess.ExecuteDataReader(sql))
            {
                if (reader.Read())
                {
                    loginInfo.PersonId   = LibSysUtils.ToString(reader["PERSONID"]);
                    loginInfo.PersonName = LibSysUtils.ToString(reader["PERSONNAME"]);
                    roleId = LibSysUtils.ToString(reader["ROLEID"]);
                    loginInfo.Wallpaper = LibSysUtils.ToString(reader["WALLPAPER"]);
                    loginInfo.Stretch   = LibSysUtils.ToBoolean(reader["WALLPAPERSTRETCH"]);
                    //20170214 施卢威 增加头像 Email 短号信息
                    loginInfo.Headportrait = LibSysUtils.ToString(reader["HEADPORTRAIT"]);
                    loginInfo.UserEMail    = LibSysUtils.ToString(reader["MAIL"]);
                    loginInfo.Cornet       = LibSysUtils.ToString(reader["CORNET"]);
                    loginInfo.UserPhone    = LibSysUtils.ToString(reader["PHONENO"]);
                    exists = true;
                }
            }
            if (exists)
            {
                #region 帐号与登录设备关联
                string appSql = string.Empty;
                //查询帐号是否已有设备标识
                int isAPPClient = LibSysUtils.ToInt32(dataAccess.ExecuteScalar(string.Format("SELECT COUNT(*) from AXPUSERAPP WHERE USERID = '{0}' and CLIENTTYPE={1}", userId, clientType)));
                if (isAPPClient > 0)
                {
                    //更新设备标识信息
                    appSql = string.Format("UPDATE AXPUSERAPP SET  CLIENTID={1}    WHERE USERID={0} AND CLIENTTYPE={2}", LibStringBuilder.GetQuotString(userId), LibStringBuilder.GetQuotString(clientId), clientType);
                }
                else
                {
                    int curMaxRowId = LibSysUtils.ToInt32(dataAccess.ExecuteScalar(string.Format("SELECT Max(ROW_ID) from AXPUSERAPP WHERE USERID='{0}'", userId)));
                    //插入账户对应的App设备标识信息。
                    appSql = string.Format("insert into AXPUSERAPP(USERID,ROW_ID,ROWNO,CLIENTTYPE,CLIENTID) values('{0}',{1},{2},{3},'{4}')",
                                           userId, curMaxRowId + 1, curMaxRowId + 1, clientType, clientId, 1);
                }
                dataAccess.ExecuteNonQuery(appSql);

                #endregion

                LibHandle handle = LibHandleCache.Default.IsExistsHandle(LibHandeleType.PC, userId);
                if (handle != null)
                {
                    if (quitOther)
                    {
                        LibHandleCache.Default.RemoveHandle(handle.Handle);
                    }
                    else
                    {
                        loginInfo.IsUsed = true;
                    }
                }
                if (!loginInfo.IsUsed)
                {
                    long currentCount = LibHandleCache.Default.GetCount();
                    long maxUserCount = (long)LibHandleCache.Default.MaxUserCount;
                    if (maxUserCount != -1 && maxUserCount < currentCount)
                    {
                        loginInfo.IsOverUser = true;
                    }
                    else
                    {
                        string loginIp = string.Empty;
                        //Zhangkj20161219 增加LoginIp
                        System.ServiceModel.OperationContext context = System.ServiceModel.OperationContext.Current;
                        //对于非WCF的访问context为null
                        if (context != null)
                        {
                            System.ServiceModel.Channels.MessageProperties             properties = context.IncomingMessageProperties;
                            System.ServiceModel.Channels.RemoteEndpointMessageProperty endpoint   = properties[System.ServiceModel.Channels.RemoteEndpointMessageProperty.Name] as System.ServiceModel.Channels.RemoteEndpointMessageProperty;
                            loginIp = endpoint.Address + ":" + endpoint.Port.ToString();
                            handle  = LibHandleCache.Default.GetHandle(string.Empty, LibHandeleType.PC, userId, loginInfo.PersonId, loginInfo.PersonName, roleId, loginIp);
                        }
                        else
                        {
                            handle = LibHandleCache.Default.GetHandle(string.Empty, LibHandeleType.PC, userId, loginInfo.PersonId, loginInfo.PersonName, roleId);
                        }
                        //创建新的Handle

                        if (handle != null)
                        {
                            loginInfo.Handle = handle.Handle;
                        }
                    }
                }
            }
            return(loginInfo);
        }
Beispiel #17
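        /// <summary>
        /// Ensures the attachment directory chain for a form exists and returns the id of today's directory.
        /// Three levels are checked and created on demand: the public top-level "form attachments" directory
        /// (named by <c>ProgDirInfo.BillAttachmentTopDirName</c>), a per-function directory whose id is the
        /// form's function code and whose name is the function's display name, and a per-day directory
        /// named <c>yyyyMMdd</c>.
        /// </summary>
        /// <param name="progId">Function code (PROGID) of the form. An empty value makes the method return false.</param>
        /// <param name="retDirId">Initialised to an empty string; receives the id of the per-day directory once it is resolved.</param>
        /// <returns>
        /// True when the per-day directory id was found or created; false when a lookup or creation step fails.
        /// Exceptions are written to the log and reported as false.
        /// </returns>
        public bool CheckAndAddBillAttachmentDir(string progId, out string retDirId)
        {
            retDirId = string.Empty;
            if (string.IsNullOrEmpty(progId))
            {
                return(false);
            }
            string displayName = string.Empty;
            string sql         = string.Empty;
            object obj         = DBNull.Value;

            try
            {
                // NOTE(review): this.Handle is switched to the system handle and is not restored before
                // returning, so later calls on this instance appear to keep running as the system user.
                // Confirm that is intended; otherwise save the previous handle and restore it in a finally block.
                LibHandle systemHandle = LibHandleCache.Default.GetSystemHandle();
                this.Handle = systemHandle; // run as the system user

                LibDataAccess dataAccess = this.DataAccess;
                // Level 1: the public top-level "form attachments" directory.
                if (string.IsNullOrEmpty(ProgDirInfo.BillAttachmentTopDirId))
                {
                    sql = string.Format("select DIRID from DMDIRECTORY where DIRNAME = '{0}' and DIRTYPE = 0 and PARENTDIRID = '' order by CREATETIME asc", ProgDirInfo.BillAttachmentTopDirName);
                    obj = dataAccess.ExecuteScalar(sql);
                    if (string.IsNullOrEmpty(LibSysUtils.ToString(obj)))
                    {
                        // The top-level directory does not exist yet.
                        string topDirId = string.Empty;
                        if (!AddDirDirectly(ref topDirId, ProgDirInfo.BillAttachmentTopDirName, DirTypeEnum.Public, ""))
                        {
                            return(false);
                        }
                        ProgDirInfo.BillAttachmentTopDirId = topDirId;
                    }
                    else
                    {
                        ProgDirInfo.BillAttachmentTopDirId = (string)obj;
                    }
                }

                ProgDirInfo progDirInfo = ProgDirInfo.GetDirInfo(progId);
                if (progDirInfo == null || string.IsNullOrEmpty(progDirInfo.DirId) ||
                    string.IsNullOrEmpty(progDirInfo.ProgDisplayName))
                {
                    progDirInfo = new ProgDirInfo(progId);
                    // Look up the display name of the function behind progId.
                    // progId is caller-supplied and ends up inside a quoted SQL literal, so its quotes are
                    // doubled first. Bound parameters would be the stronger fix if LibDataAccess offers them.
                    sql         = string.Format("select PROGNAME from AXPFUNCLIST where PROGID = '{0}'", EscapeSqlLiteral(progId));
                    displayName = LibSysUtils.ToString(dataAccess.ExecuteScalar(sql));
                    if (string.IsNullOrEmpty(displayName))
                    {
                        return(false);
                    }
                    progDirInfo.ProgDisplayName = displayName;
                }
                if (string.IsNullOrEmpty(progDirInfo.DirId))
                {
                    // Level 2: the per-function directory, whose DIRID is the function code.
                    sql = string.Format("select DIRID from DMDIRECTORY where DIRID = '{0}'", EscapeSqlLiteral(progId));
                    obj = dataAccess.ExecuteScalar(sql);
                    if (string.IsNullOrEmpty(LibSysUtils.ToString(obj)))
                    {
                        // The per-function directory does not exist yet. progId is passed by ref,
                        // so it is read again afterwards rather than cached.
                        if (!AddDirDirectly(ref progId, displayName, DirTypeEnum.Public, ProgDirInfo.BillAttachmentTopDirId))
                        {
                            return(false);
                        }
                    }
                    progDirInfo.DirId = progId;
                }
                // Level 3: the per-day directory, named after today's date.
                string threeDirName = DateTime.Now.ToString("yyyyMMdd");
                retDirId = progDirInfo.GetDayDirId(threeDirName);
                if (string.IsNullOrEmpty(retDirId))
                {
                    sql = string.Format("select DIRID from DMDIRECTORY where DIRNAME = '{0}' and DIRTYPE = 0 and PARENTDIRID = '{1}' order by CREATETIME asc", threeDirName, EscapeSqlLiteral(progId));
                    obj = dataAccess.ExecuteScalar(sql);
                    if (string.IsNullOrEmpty(LibSysUtils.ToString(obj)))
                    {
                        // The per-day directory does not exist yet.
                        bool ret = AddDirDirectly(ref retDirId, threeDirName, DirTypeEnum.Public, progDirInfo.DirId);
                        if (ret)
                        {
                            progDirInfo.AddDayDirId(threeDirName, retDirId);
                            ProgDirInfo.AddDirInfo(progDirInfo);
                        }
                        return(ret);
                    }

                    retDirId = (string)obj;
                    if (string.IsNullOrEmpty(retDirId))
                    {
                        return(false);
                    }
                    progDirInfo.AddDayDirId(threeDirName, retDirId);
                    ProgDirInfo.AddDirInfo(progDirInfo);
                }
                return(true);
            }
            catch (Exception exp)
            {
                DMCommonMethod.WriteLog("DmDirectoryBcf.AddBillAttachmentDir", string.Format("ProgId:{0}\r\nDisplayName:{1}\r\nError:{2}", progId, displayName, exp.ToString()));
                return(false);
            }
        }

        /// <summary>
        /// Doubles single quotes so a value cannot close the SQL string literal it is embedded in.
        /// A null value becomes an empty string, which is what string.Format would have produced.
        /// </summary>
        private static string EscapeSqlLiteral(string value)
        {
            return value == null ? string.Empty : value.Replace("'", "''");
        }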
Beispiel #18
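        /// <summary>
        /// Downloads one version of a document after authenticating with the user id and password posted in the form.
        /// The stored file is copied to the temporary directory and that copy is returned as a file stream.
        /// </summary>
        /// <remarks>
        /// Reads the form fields <c>docId</c>, <c>userId</c>, <c>password</c> and <c>modifyVerId</c>.
        /// NOTE(review): the per-document download permission check is commented out in the body, so as written
        /// every account that authenticates can download any document id. Re-enable or replace that check.
        /// </remarks>
        /// <returns>
        /// The file result, or null when a form field is missing or malformed, authentication fails,
        /// the file does not exist, or any other exception occurs (the exception is logged).
        /// </returns>
        public FileStreamResult DownloadForPassword()
        {
            string docId       = string.Empty;
            int    modifyVerId = -1;

            try
            {
                docId = Request.Form["docId"];
                string userId         = Request.Form["userId"];
                string password       = Request.Form["password"];
                string modifyVerIdStr = Request.Form["modifyVerId"];
                if (string.IsNullOrEmpty(docId) || string.IsNullOrEmpty(userId) || string.IsNullOrEmpty(modifyVerIdStr) || string.IsNullOrEmpty(password))
                {
                    return(null);
                }

                if (!int.TryParse(modifyVerIdStr, out modifyVerId))
                {
                    return(null);
                }

                string downloadName = string.Empty;

                // NOTE(review): the posted password is matched against USERPASSWORD as an SQL literal, which
                // suggests the column holds it in a directly comparable form. Confirm how passwords are stored;
                // the usual design is a salted, slow hash that is verified in code.
                SqlBuilder    builder    = new SqlBuilder("axp.User");
                string        sql        = builder.GetQuerySql(0, "A.PERSONID", string.Format("A.USERID={0} And A.USERPASSWORD={1} And A.ISUSE=1", LibStringBuilder.GetQuotString(userId), LibStringBuilder.GetQuotString(password)));
                LibDataAccess dataAccess = new LibDataAccess();
                string        personId   = LibSysUtils.ToString(dataAccess.ExecuteScalar(sql));
                // Fail closed on an empty result as well as on null. The original tested only for null, and
                // LibSysUtils.ToString may return an empty string when no row matches (other call sites test
                // its result with IsNullOrEmpty), which would let every credential pair through.
                // NOTE(review): an account whose PERSONID is empty is rejected too. If such accounts must be
                // able to download, select a column that is never empty for a matched row.
                if (string.IsNullOrEmpty(personId))
                {
                    throw new Exception("用户账户或密码错误");
                }

                // Permission check.
                // NOTE(review): the check below is disabled, so this branch does nothing and no
                // authorisation is applied to docId for any user.
                if (!string.Equals(userId, "admin", StringComparison.OrdinalIgnoreCase))
                {
                    //DMUserPermission userPermission = DMUserPermissionCache.Default.GetCacheItem(personId);
                    //if (!userPermission.CheckCan(string.Empty, docId, DMFuncPermissionEnum.Download))
                    //{
                    //    throw new Exception("没有权限下载该文件");
                    //}
                }


                DirLinkAddress dirlink = new DirLinkAddress(docId);
                downloadName = dirlink.DocName;
                // Copy the file into the temporary directory. Only the file-name component of the stored
                // name is used, so a name holding directory separators cannot place the copy elsewhere.
                string tempName    = string.Format("{0}_{1}", DateTime.Now.Ticks.ToString(), Path.GetFileName(downloadName));
                string tempPath    = Path.Combine(DMCommonMethod.GetDMRootTempPath(), tempName);
                string docFullPath = dirlink.GetDocFullPath(modifyVerId);
                if (System.IO.File.Exists(docFullPath))
                {
                    System.IO.File.Copy(docFullPath, tempPath);
                    var contentType = MimeMapping.GetMimeMapping(downloadName);
                    // DeleteOnClose removes the temporary copy once the response has been written, so copies
                    // of protected documents do not pile up in the temp directory.
                    FileStream tempStream = new FileStream(tempPath, FileMode.Open, FileAccess.Read, FileShare.Read, 4096, FileOptions.DeleteOnClose);
                    return(File(tempStream, contentType, downloadName));
                }
                throw new Exception("文件不存在");
            }
            catch (Exception exp)
            {
                // The log entry carries the document id and version only, never the posted password.
                DMCommonMethod.WriteLog("DocumentController.Download", string.Format("DocId:{0}\r\nModifyVerId:{1}\r\nError:{2}", docId, modifyVerId, exp.ToString()));
                return(null);
            }
        }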
        /// <summary>
        /// Builds the permission data of a permission group. The data of the parent group (resolved
        /// recursively) is the starting point, and this group's own detail, field-power and button-power
        /// rows are then applied on top of it.
        /// </summary>
        /// <param name="groupId">PERMISSIONGROUPID of the group to load.</param>
        /// <returns>The merged permission data; a new empty group is used when there is no parent data.</returns>
        private LibPermissionGroup GetPermissionGroupData(string groupId)
        {
            // NOTE(review): the parent chain is followed without a visited set, so a PARENTGROUPID cycle
            // in the table would recurse without bound. Confirm the data model rules that out.
            string        parentSql  = string.Format("select PARENTGROUPID from AXPPERMISSIONGROUP where PERMISSIONGROUPID={0} and ISVALIDITY=1", LibStringBuilder.GetQuotString(groupId));
            LibDataAccess access     = new LibDataAccess();
            string        parentId   = LibSysUtils.ToString(access.ExecuteScalar(parentSql, false));

            LibPermissionGroup result = string.IsNullOrEmpty(parentId) ? null : GetPermissionGroupData(parentId);
            if (result == null)
            {
                result = new LibPermissionGroup();
            }

            // Pass 1: one LibPermission per PROGID row of this group.
            string detailSql = string.Format("select PROGID,SHOWCONDITION,OPERATEMARK from AXPPERMISSIONGROUPDETAIL where PERMISSIONGROUPID={0}", LibStringBuilder.GetQuotString(groupId));
            using (IDataReader detailReader = access.ExecuteDataReader(detailSql, false))
            {
                while (detailReader.Read())
                {
                    string        progId       = LibSysUtils.ToString(detailReader["PROGID"]);
                    LibPermission permission   = new LibPermission();
                    string        rawCondition = LibSysUtils.ToString(detailReader["SHOWCONDITION"]);
                    if (!string.IsNullOrEmpty(rawCondition))
                    {
                        // SHOWCONDITION holds a JSON-serialised LibQueryCondition.
                        LibQueryCondition parsed = JsonConvert.DeserializeObject(rawCondition, typeof(LibQueryCondition)) as LibQueryCondition;
                        permission.ShowCondition = LibQueryConditionParser.GetQueryData(progId, parsed);
                        if (permission.ShowCondition.Trim().Length != 0)
                        {
                            foreach (var field in parsed.QueryFields)
                            {
                                // Only the first field seen for a given name is recorded.
                                if (permission.QueryFieldDic.ContainsKey(field.Name))
                                {
                                    continue;
                                }
                                permission.QueryFieldDic.Add(field.Name, new List <LibQueryField>()
                                {
                                    field
                                });
                            }
                            permission.ShowCondition = "(" + permission.ShowCondition + ")";
                        }
                    }
                    permission.OperateMark = LibSysUtils.ToInt32(detailReader["OPERATEMARK"]);
                    if (!result.PermissionDic.ContainsKey(progId))
                    {
                        result.PermissionDic.Add(progId, permission);
                    }
                    else
                    {
                        // With inheritance, the child group's entry replaces the parent's.
                        result.PermissionDic[progId] = permission;
                    }
                }
            }

            // Pass 2: field-level powers, attached only to PROGIDs already present in the result.
            string fieldSql = string.Format("select B.PROGID,A.TABLEINDEX,A.FIELDNAME,A.FIELDPOWER,A.USECONDITION from AXPFIELDPOWER A inner join AXPPERMISSIONGROUPDETAIL B on B.ROW_ID=A.PARENTROWID where A.PERMISSIONGROUPID={0}", LibStringBuilder.GetQuotString(groupId));
            using (IDataReader fieldReader = access.ExecuteDataReader(fieldSql, false))
            {
                while (fieldReader.Read())
                {
                    string progId = LibSysUtils.ToString(fieldReader["PROGID"]);
                    if (!result.PermissionDic.ContainsKey(progId))
                    {
                        continue;
                    }

                    int    tableIndex = LibSysUtils.ToInt32(fieldReader["TABLEINDEX"]);
                    string fieldName  = LibSysUtils.ToString(fieldReader["FIELDNAME"]);
                    if (!result.PermissionDic[progId].FieldPowerDic.ContainsKey(tableIndex))
                    {
                        result.PermissionDic[progId].FieldPowerDic.Add(tableIndex, new Dictionary <string, FieldPower>());
                    }

                    Dictionary <string, FieldPower> fieldPowers = result.PermissionDic[progId].FieldPowerDic[tableIndex];
                    if (fieldPowers.ContainsKey(fieldName))
                    {
                        continue;
                    }

                    // NOTE(review): USECONDITION is stored text that is only wrapped in parentheses here.
                    // If it is later spliced into a query, whoever can write this table controls query text.
                    string useCondition = LibSysUtils.ToString(fieldReader["USECONDITION"]);
                    if (!string.IsNullOrEmpty(useCondition))
                    {
                        useCondition = "(" + useCondition + ")";
                    }
                    fieldPowers.Add(fieldName, new FieldPower()
                    {
                        Condition   = useCondition,
                        PowerOption = (FieldPowerOption)LibSysUtils.ToInt32(fieldReader["FIELDPOWER"])
                    });
                }
            }

            // Pass 3: buttons with CANUSE=0, collected per PROGID without duplicates.
            string buttonSql = string.Format("select B.PROGID,A.BUTTONID from AXPBUTTONPOWER A inner join AXPPERMISSIONGROUPDETAIL B on B.ROW_ID=A.PARENTROWID where A.PERMISSIONGROUPID={0} and A.CANUSE=0", LibStringBuilder.GetQuotString(groupId));
            using (IDataReader buttonReader = access.ExecuteDataReader(buttonSql, false))
            {
                while (buttonReader.Read())
                {
                    string progId = LibSysUtils.ToString(buttonReader["PROGID"]);
                    if (!result.PermissionDic.ContainsKey(progId))
                    {
                        continue;
                    }

                    string buttonId = LibSysUtils.ToString(buttonReader["BUTTONID"]);
                    if (!result.PermissionDic[progId].NoUseButton.Contains(buttonId))
                    {
                        result.PermissionDic[progId].NoUseButton.Add(buttonId);
                    }
                }
            }
            return(result);
        }
Beispiel #20
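        /// <summary>
        /// Returns one page of the approval tasks (AXPAPPROVETASK) assigned to the person behind the
        /// caller's cached login handle.
        /// </summary>
        /// <param name="userId">User id whose cached PC handle is looked up.</param>
        /// <param name="handle">Handle value supplied by the caller; passed to VerificationHandle together with the cached handle.</param>
        /// <param name="info">
        /// Paging input: PageNo, PageSize and SelectCondition (0 selects rows with ISPASS = 0, any other
        /// value selects rows with ISPASS &lt;&gt; 0).
        /// </param>
        /// <returns>
        /// A result whose Info holds the page as a DataSet and whose pageModel carries PageNo, PageSize,
        /// PageCount and TotalCount. ReturnValue is false, with a message, when the query throws.
        /// </returns>
        public static Result GetMyNews(string userId, string handle, PageModel info)
        {
            Result res = new Result();

            res.ReturnValue = true;
            LibHandle cachedHandle = LibHandleCache.Default.IsExistsHandle(LibHandeleType.PC, userId);

            // Presumably clears res.ReturnValue when the supplied handle does not match the cached one;
            // nothing is queried unless it leaves ReturnValue true.
            VerificationHandle(userId, handle, cachedHandle, res);
            if (res.ReturnValue)
            {
                LibDataAccess access = new LibDataAccess();
                try
                {
                    if (!string.IsNullOrEmpty(cachedHandle.PersonId)) // marked "to be optimised" by the original author
                    {
                        string selectCondition = info.SelectCondition == 0 ? "AND ISPASS = 0" : "AND ISPASS <> 0";

                        string sql = string.Format("SELECT COUNT(*) AS TOTALNUM FROM AXPAPPROVETASK WHERE PERSONID = {0} {1}", LibStringBuilder.GetQuotString(cachedHandle.PersonId), selectCondition);
                        int totalCount = LibSysUtils.ToInt32(access.ExecuteScalar(sql));

                        // Ceiling division. The original tested "totalCount / PageSize == 0" where a remainder
                        // test was intended, which reported 0 pages for a partly filled first page and one
                        // page too many otherwise.
                        // PageNo and PageSize are used as received: a zero PageSize throws
                        // DivideByZeroException here and ends in the catch block below.
                        int pageCount = totalCount / info.PageSize;
                        if (totalCount % info.PageSize != 0)
                        {
                            pageCount++;
                        }

                        int endNum   = info.PageNo * info.PageSize;
                        int beginNum = (info.PageNo - 1) * info.PageSize + 1;
                        // beginNum and endNum are integers computed here; the person id comes from the
                        // server-side handle cache and goes through GetQuotString.
                        sql                      = string.Format(@" SELECT A.PROGID,
                                                      B.PROGNAME,
                                                      A.BILLNO,
                                                      A.FROMROWID,
                                                      A.SUBMITPERSONID,
                                                      D.PERSONNAME AS SUBMITPERSONNAME,
                                                      A.PERSONID,
                                                      C.PERSONNAME,
                                                      A.CREATETIME 
                                                      FROM 
                                                      (
                                                      SELECT E.*,ROWNUM RN 
                                                      FROM (SELECT * FROM AXPAPPROVETASK) E 
                                                      WHERE ROWNUM <= {1} AND PERSONID={2} {3}) A 
                                                      LEFT JOIN AXPFUNCLIST B ON A.PROGID = B.PROGID 
                                                      LEFT JOIN COMPERSON C ON A.PERSONID = C.PERSONID 
                                                      LEFT JOIN COMPERSON D ON A.SUBMITPERSONID = D.PERSONID
                                                      WHERE RN>={0}", beginNum, endNum, LibStringBuilder.GetQuotString(cachedHandle.PersonId), selectCondition);
                        res.Info                 = access.ExecuteDataSet(sql);
                        res.pageModel.PageNo     = info.PageNo;
                        res.pageModel.PageSize   = info.PageSize;
                        res.pageModel.PageCount  = pageCount;
                        res.pageModel.TotalCount = totalCount;
                        res.ReturnValue          = true;
                    }
                    else
                    {
                        // NOTE(review): ReturnValue stays true on this path although the message asks the
                        // user to log in again; confirm callers check Message as well.
                        res.Message = "请重新登录!";
                    }
                }
                catch (Exception ex)
                {
                    res.ReturnValue = false;
                    // NOTE(review): the raw exception text is returned to the caller, and for a database
                    // failure that can expose query or engine detail. Consider logging it server-side and
                    // returning only the generic part of the message.
                    res.Message     = "查询失败!" + ex.Message;
                }
            }
            return(res);
        }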